ModeraCloud

Beta

Haproxy publishing

Haproxy plugin install haproxy as a load balancer for mcloud. Plugin is useful when you need deploy multiple applications on one server, or use complex application publishing

Multiple applications

cloud Internet {

}

package Docker {
    [Haproxy] << Load Balancer >>

    database App1 {
        [nginx.myapp]
        [another.myapp]
        [something.myapp]
    }

    database App2 {
        [nginx.another]
        [another.another]
    }

    Haproxy ..> nginx.myapp
    Haproxy ..> nginx.another

}

Internet ..> Haproxy

Multiple versions

cloud Internet {

}

package Docker {
    [Haproxy] << Load Balancer >>

    [nodejs.app_v1]
    [nodejs.app_v2]

    Haproxy ..> nodejs.app_v1
    Haproxy -> nodejs.app_v2
}

Internet ..> Haproxy

Haproxy template

You can use your own template by placing it in /root/.mcloud/haproxy.tpl. Mcloud kindly places default config there.

Template is Jinja2 template http://jinja.pocoo.org/docs/

To apply your changes to template restart mcloud:

$ docker restart mcloud

Default tamplate

defaults
        option  dontlognull
        timeout connect 5000
        timeout client 50000
        timeout server 50000


{% if ssl_apps %}
frontend http_ssl_proxy
  mode tcp
  bind 0.0.0.0:443

  tcp-request inspect-delay 5s
  tcp-request content accept if { req_ssl_hello_type 1 }

  {% for app in ssl_apps %}
  {% for domain in app.domains %}
  acl is_ssl_{{ app.name }} req_ssl_sni -i {{ domain }}
  {% endfor %}
  use_backend backend_ssl_{{ app.name }}_cluster if is_ssl_{{ app.name }}
  {% endfor %}

  {% for app in ssl_apps %}
  {% for backend in app.backends %}
  backend {{ backend.name }}_cluster
      mode tcp

      # maximum SSL session ID length is 32 bytes.
      stick-table type binary len 32 size 30k expire 30m

      acl clienthello req_ssl_hello_type 1
      acl serverhello rep_ssl_hello_type 2

      # use tcp content accepts to detects ssl client and server hello.
      tcp-request inspect-delay 5s
      tcp-request content accept if clienthello

      # no timeout on response inspect delay by default.
      tcp-response content accept if serverhello

      stick on payload_lv(43,1) if clienthello

      # Learn on response if server hello.
      stick store-response payload_lv(43,1) if serverhello

      option ssl-hello-chk

      server {{ backend.name }} {{ backend.ip }}:{{ backend.port }} check

  {% endfor %}
  {% endfor %}
{% endif %}

frontend http_proxy
  bind 0.0.0.0:80

  mode    http
  option  httpclose
  option  forwardfor

  {% for app in apps %}
  {% for domain in app.domains %}
  acl is_{{ app.name }} hdr(host) -i {{ domain }}
  {% endfor %}
  use_backend backend_{{ app.name }}_cluster if is_{{ app.name }}
  {% endfor %}

  {% for app in apps %}
  {% for backend in app.backends %}
  backend {{ backend.name }}_cluster
      mode    http
      server {{ backend.name }} {{ backend.ip }}:{{ backend.port }}
  {% endfor %}
  {% endfor %}